This blog post recounts how moving this site to a fast joyful responsive design with a lot of images improved session duration by 104% and decreased bounce rate by 53%
Follow these ten easy steps to improve your online security and privacy quickly.
Phishing is a social-engineering attack where the attacker entice his victims to give-up their credentials for a given website by impersonating it. Believe it or not phishing campaigns are well organized and follow a very strict playbook. This post aim at shedding some light on how phishing campaign works under the hood, showcase which infrastructure phishers use to steal users credentials and provide advice on how to defend against it.
What’s the best icon to entice people to share something through their social networks? It turns out to be the one used on Android. While this may contradict guidelines proposed by some designers, this conclusion is based on the results of a survey of 7,500 users. I conducted the survey using Google Consumer Surveys this […]
Social tags are the HTML tags that social networks use to know what to display when one of their users shares your webpage. Because these tags determine how your page is presented in users’ social network feeds, optimizing those tags is an essential part of modern SEO. In this post we’ll look at Facebook and […]
I was lucky enough to get the new 2013 high-end Macbook Pro Retina (15″) yesterday and started wondering about how it compares to the mid-2012 Retina (15″) model. On a personal level, I’m also pretty interested in how its gaming performance compares with its predecessor’s.
Nearly everyone loves mobile apps that can perform local searches, get directions, or find the nearest decent restaurant. But what’s not so obvious is that these local apps can have hidden bandwidth costs — meaning that, in some cases, they can run up your phone bill in ways you might not expect.
Outsourcing blog comments to cloud services such as Disqus or Livefyre offers plenty of advantages: spam protection, analytics, already signed users and deep integration with social networks such as Twitter and Facebook. Those features are appealing. But outsourcing your comments comes with a price: it will slow down your site. It’s been demonstrated time and […]
The next time you think you’re buying an iOS app from Apple’s online store, be warned: it could be a lookalike site. Recently I was redirected via an ad to an Apple-spoofing site at Badoink.
Early July 2012, I reported to Apple numerous vulnerabilities related to their App Store iOS app. Last week Apple finally issued a fix for it and turned on HTTPS for the App Store. I am really happy that my spare-time work pushed Apple to finally enabled HTTPS to protect users. This post discuss the vulnerabilities […]
Teens and college-age kids like Chrome. Their grandparents would rather use Internet Explorer. That’s an exaggeration, but not much of one: a survey I recently conducted shows that approximately half of Americans 45 years or older prefer Internet Explorer, with the remainder of senior citizens opting for Firefox, Chrome, Safari, or Opera, in that order.
Over the last few weeks, except for RSA, you might have noticed I have been very quiet. The reason behind my silence was that I was changing job and getting settled in a new appartement in Mountain-View. I am now a research scientist at Google where I will work on trying to fix the Internet […]
While their is a huge hype surrounding .xxx domains and companies rushing to buy them to protect their brand, it seems that registration data disagree with this. My analysis of the 50000 most popular websites in the world shows that only 24% of them actually registered their .xxx domain.
In this post I will show you how to use my updated version of the foursquare-php class to display your latest foursquare on your page and blog. I will go through the changed induced by using Foursquare API v2 and what are the new awesome features introduced in this version: getting previous checkins and using the lib as the JSON backend
Optimizing website performance is all about numbers and metrics so, before delving into optimization techniques, it is essential to understand what can be optimized and how to measure improvements in performance. In this post, we will review the five areas where website performance can be improved, how to establish a performance baseline, and how to measure progress.
Since I started doing research on CAPTCHA security two years ago, I have relentlessly collected samples of all the different schemes I have encountered. In this blog post, I want to share with you five of the most crazy, funny, and interesting schemes I collected.
Internet Explorer privacy is flawed. This blog post shows how to abuse SMB query to force Internet explorer to disclose windows username, domain and version even while in private mode or using an HTTP proxy. Proof of concept included.
In this post I explain how to use the PHP class foursquare.php I wrote to create a widget for your website that display your latest check-in details along with a map generated via the Google Map API.